The WiFi Protected Setup protocol is vulnerable to a brute force attack that allows an attacker to recover an access point’s WPS pin, and subsequently the WPA/WPA2 passphrase, in just a matter of hours.

the link is http://devttys0.com/2011/12/cracking...hours-or-less/
and tool is http://code.google.com/p/reaver-wps/
has somebody interest it ,compile reaver ,let it can run on N900 ,
i think that great!!